05 November 2018

Despite a shortage of 3 million cybersecurity professionals across the globe, a comfortable majority of those currently employed (68%) are happy in their jobs, according to (ISC)2’s newly published Cybersecurity Workforce Study. Their job satisfaction is related to the level of investment employers make in cybersecurity skills, technology and practices – all of which determines how cybersecurity professionals spend their time. The study is instructive to employers who are hampered by the skills shortage, but nevertheless need to improve their cybersecurity posture and culture. “By providing the right security resources, whether that means additional personnel, training or specialized cybersecurity solutions,...
Read more →

23 October 2018

2,930,000 That is the size of the global cybersecurity workforce gap. The breakdown is around 498,000 in North America, 136,000 in Latin America, 142,000 in Europe, the Middle East and Africa, with the largest deficit coming in Asia Pacific at 2.14 million. But what does this big, scary number even mean? Where did it come from? First, this new Cybersecurity Workforce Study from (ISC)² has evolved from past studies to become a more accurate representation of the broader workforce. We surveyed nearly 1,500 professionals around the world who spend at least 25% of their time on cybersecurity activities, which includes...
Read more →

18 October 2018

You might want to sit down for this one: The shortage of cybersecurity professionals around the globe has never been more acute. New research by (ISC)2 places the estimate at just under 3 million – 2.93 million to be exact – with roughly 500,000 of those positions located in North America. According to (ISC)2’s Cybersecurity Workforce Study, the gap is having a serious real-world impact around the globe. Asia-Pacific, with its growing economies and new privacy regulations, is experiencing the biggest shortage – 2.14 million positions. The massive worldwide shortage not only places organizations affected by the shortage at higher...
Read more →

08 October 2018

The cybersecurity workforce skills gap is hampering the nation’s ability to combat cyber threats that target our way of life, economy and national security interests, according to U.S. Rep. Cedric Richmond (D-LA), who serves on the House Committee on Homeland Security. Delivering the first keynote at the 2018 (ISC)2 Security Congress, taking place this week in New Orleans, the Congressman said more work is needed at the federal, state and local levels, as well as in the private sector, to address the problem of cybersecurity and the skills gap. “We need a robust cybersecurity workforce,” Richmond said, citing a government...
Read more →

02 October 2018

The chief information security officer role hasn’t always gotten the respect it deserves. Research over the years has shown companies often treat their CISO primarily as a scapegoat for security incidents. But that may be changing – at least it is in organizations with a strong cybersecurity culture. New research by (ISC)2 shows the overwhelming majority of companies that properly staff their cybersecurity teams employ a CISO. The Building a Resilient Cybersecurity Culture study revealed that 86% of organizations that consider themselves adequately staffed with cybersecurity talent have a CISO. This is a substantially higher percentage than the 49% of...
Read more →

25 September 2018

One of the main questions (ISC)2 sought to answer with a new study, Building a Resilient Cybersecurity Culture, was what makes a good cybersecurity team, especially in an industry that suffers from a shortage in its current workforce. How do organizations go about building and strengthening the team? It’s clear from the study’s findings that management’s attitude toward the team – and toward cybersecurity as a whole – is related to the team’s success, confidence and ability to do their job without worrying about lack of budget or support from the top. Going in, we already knew the respondents in...
Read more →

09 July 2018

Cybersecurity job searches increased nearly six percent between March 2017 and March 2018, according to recently published research by job listings site Indeed. The increase actually outpaced a 3.5 percent uptick in jobs posted. These numbers do not mean that supply is exceeding demand – far from it. The reality is that finding cybersecurity talent remains a major challenge for employers, both in and outside the tech field. But the Indeed findings seem to confirm what (ISC)² discovered earlier this year: There is a big appetite among cybersecurity workers for a change of employment. In our “Hiring and Retaining Top...
Read more →

07 June 2018

As organizations struggle to fill cybersecurity vacancies, they aren’t finding many candidates among millennial jobseekers. A new study shows millennials are only marginally interested in cybersecurity careers, with 9 percent showing any interest at all. The finding is troubling, considering millennials have become the largest percentage of the overall workforce. This generation, which has grown up with iPhones and YouTube is often viewed as an untapped source of talent for cybersecurity careers, but it’s clear they are not getting the message that they are needed. The study of 524 technology-savvy millennials, conducted by Enterprise Strategy Group and sponsored by ProtectWise,...
Read more →

04 May 2018

By and large, female and male cybersecurity professionals share the same workplace values, priorities and aspirations. Both place about the same level of importance on matters such as salary and working close to home – and both apply roughly the same skills to their work and view protecting people and data as their primary function, according to recent (ISC)2 research. In a survey of 250 cybersecurity professionals, (ISC)2 also discovered the number of men and women looking for new employment is exactly the same: 85 percent of cybersecurity workers are open to new employment opportunities, including 14 percent who are...
Read more →

02 April 2018

By Kwinton Scarbrough, CISSP In the midst of the business and technology merge, organizations of all industries have started their journey into the cognitive era of cybersecurity. In this era, it is essential for a business to have an IT security strategy to govern how the organization will protect itself from internal and external cyber threats. However, what commonly fails to align to IT security strategy is the organization’s overall security culture. IT security strategy can only be effective if there is a strong security culture embedded into the very fabric of the company’s operations. Today, I will cover the...
Read more →

20 March 2018

There’s no question cybersecurity professionals are busy people, but what takes up their time at work? According to recent (ISC)2 research, the skills they most employ each day are network monitoring, security analysis and security administration, while forensics and penetration analysis rank at the bottom. But if you ask those who are actively looking for a new job, the daily task that comes up most often is user awareness training. Some 38% of respondents who said they’d be starting a job search within six months revealed they conduct user training every day, while 31% do it two to three times...
Read more →

15 March 2018

Non-white cybersecurity workers outnumber their white counterparts in advanced education degrees (master’s and higher), but they are still underrepresented in managerial positions. As a group, minority professionals also get paid less than Caucasians, according to a new report from (ISC)2. The report, Innovation Through Inclusion: The Multicultural Cybersecurity Workforce suggests ethnic and racial minority professionals face barriers to advancement that don’t seem to apply to Caucasians. The same is true when it comes to salaries, as Caucasian workers significantly out-earn their multicultural peers. Minority workers make up 26% of the U.S. cybersecurity workforce, just five points above the overall minority...
Read more →

02 March 2018

By Wesley Simpson, COO, (ISC)² Some have called the skills gap in IT and cybersecurity a national security crisis. Yet, it’s one that most everyone in the industry doesn’t know how to solve. Many look to automation and other technologies as a solution to the problem. Others foster relationships that will fill the pipeline and attract new talent. But there is no ONE solution. Instead, organizations need to both build and buy the talent they need. The growing gap between skills needed and qualified candidates is not a problem that technology alone can solve, but it is one that is...
Read more →

01 March 2018

Every year, (ISC)² and The Centre for Cyber Safety and Education award a range of scholarships to individuals pursuing, or planning to pursue a degree in cybersecurity or information security. Addressing the cybersecurity skills gap The aim of these initiatives are to help bridge the cybersecurity workforce skills gap - which our research predicts to reach a 1.8 million shortfall in the next four years - and improve diversity within the profession; by providing future information security professionals with Undergraduate, Graduate or Women’s scholarships to assist them in preparing for their rewarding career in this vital sector. How the scholarship...
Read more →

28 February 2018

Even though 85% of cybersecurity professionals would consider new job opportunities, it’s getting harder for employers to attract and retain qualified candidates. There just aren’t enough experienced cybersecurity workers to hire, and those already employed are constantly being wooed by recruiters. Only 15% of currently employed cybersecurity workers are planning to stay put, according to recently completed (ISC)2 research. Among the rest, 14% are actively looking for a new job and 75% are open to opportunities. This means we will likely see a hubbub of activity in the cybersecurity job market throughout 2018. Employers face an uphill battle. You not...
Read more →

15 February 2018

Last year’s Security Congress in Austin was our largest one yet with nearly 2,000 cybersecurity professionals in attendance. You know what they say, everything is bigger in Texas! Our first independent Congress featured 139 educational sessions, as well as vendors presenting in the Solutions Theater, (ISC)² member focus groups, Cloud Security Alliance (CSA) Summit and the Information Security Leadership Awards (ISLA) Americas ceremony and celebration. If you attended last year, you saw the excitement and enthusiasm from staff, speakers and attendees. If you were unable to attend, you’re in luck – you can watch some of the top sessions from...
Read more →

06 February 2018

As cyber threats proliferate, organizations looking to fill cybersecurity vacancies need to take concrete steps to reboot recruiting and hiring efforts. Qualified candidates for cybersecurity jobs are scarce and getting scarcer, creating a challenge for companies to properly defend themselves against threats. By 2022, an estimated 1.8 million cybersecurity jobs will go unfilled, according to research by (ISC)2. It’s a classic supply-and-demand challenge, with too many vacancies for too few candidates. Currently it takes 55% of organizations at least three to six months to fill a cybersecurity vacancy, and 32% spend even more time to find qualified candidates, ISACA has...
Read more →